The number of security incidents involving mobile devices has increased over the past year, but companies are not protecting their mobile assets as well as they do other systems. One in three organizations admitted to suffering a compromise due to a...

Digitally transforming enterprises are now able to seamlessly integrate a myriad of service providers and business partners globally through diverse private interconnections. Equinix’s Global Interconnection Index volume 2 (GXI2)...

Networking vendor Juniper Networks has rolled out a new security architecture that will connect and operate with an enterprise customer's existing stack of products.
Named ‘Juniper Connected Security’, the open platform automates...

Rapid digitalisation has resulted in a surge in both the number of endpoints and the means by which cybercriminals can infiltrate enterprise networks. Around the globe, the total financial damage due to cybercrimes is predicted to reach $8 trillion...

Topic

Global supply chains and trade networks are becoming more complex as a result of shifting patterns within the logistics industry, including changing demands of vendors and customers.
In reality, not all businesses are able to navigate these...

Public cloud services are a strategic weapon for CIOs. More than a way to cease operating data centers, the public cloud offers CIOs the ability to focus on strategic projects aimed at boosting the bottom line.
“As organizations pursue new...

Moving ERP to the cloud? Expect delays

Almost two-thirds of businesses are planning to migrate an enterprise resource planning (ERP) system to the cloud or are already doing so, despite many of them having concerns about moving sensitive data, security and regulatory compliance.

That’s according to the Cloud Security Alliance (CSA), which asked 200 businesses about their ERP migration plans. They represent a small slice of a big market: Businesses will spend $30 billion on cloud ERP systems in 2021, and a total of $266 billion on all public cloud services, according to CSA's Impact of Cloud on ERP report.

Scalability was the most common reason for ERP moving to the cloud, cited by 65 percent of respondents, followed by lower cost of ownership (61 percent) and security patching and updating by the provider (49 percent).

Cloud concerns

Moving sensitive data gave businesses the biggest pause for thought: 65 percent cited it among their top concerns about moving ERP to the cloud. To make use of the cloud native migration tools providing access control and encryption of data at rest and in transit, though, businesses will need to re-architect their systems for the cloud environment, CSA warned.

This rules out the fastest way of getting a workload into the cloud, lift and shift, which would simply perpetuate existing problems with patching and access controls. And it means enterprises wanting to move their ERP systems to the cloud have more design work ahead of them than just specifying the kinds of server instances and storage they want.

Security concerns were raised by 59 percent of respondents, despite some evidence that security in the cloud can be an improvement over that of on-premises systems. The security challenge for enterprises is not the cloud itself but their own policies, configurations and technologies, according to CSA, which warns that 95 percent of cloud security failures are the customer’s fault.

Businesses on the whole are confident about the security of their systems: 51 percent claimed not to have had any ERP-related security incidents in the preceding two years, while 44 percent took the more realistic view that they didn’t know if they had had any. The remaining 5 percent reported an average of 3.8 security incidents each over the preceding two years.

CSA asked businesses about the security products protecting their cloud ERP systems. Identity and access management was in use by 68 percent of them; firewalls by 63 percent, vulnerability assessments by 62 percent, and intrusion detection and prevention systems (IDS/IPS) by 59 percent. Only 38 percent used a security information and event management system (SIEM) and 29 percent a cloud access security broker (CASB).

Other concerns about moving ERP to the cloud included compliance challenges (54 percent), disruption to business operations caused by the migration process (47 percent), and the time taken to migrate data (46 percent).

Migration missteps

Enterprises have good reason to worry about delays in migrating data: 90 percent of CIOs have already experienced data migration projects not going as planned due to the complexity of moving from on-premises to the cloud. Only a quarter met their deadlines for such data migrations, with the average data migration taking 12 months.

Those missed deadlines hide two areas of concern for CIOs: the difficulty of accurately estimating how long data migrations will take and the number of unexpected problems they may encounter along the way. Businesses moving data to the cloud need to plan for the worst and ensure that their ongoing business will not be impacted if there are delays.

Following the data

Much of this data is ending up with Amazon Web Services, the destination for 28 percent of the businesses surveyed, or Microsoft Azure (25 percent). SAP’s cloud is picking up another 14 percent, IBM’s 10 percent and Oracle’s 8 percent.

Contrast that with the ERP systems used by the businesses surveyed: 52 percent of them use SAP (rising to 70 percent among businesses with 50,000 employees or more. Oracle’s ERP is used by 36 percent, and Microsoft Dynamics by 24 percent, rising to 50 percent among businesses with fewer than 5,000 employees, a category accounting for half the respondents.